Free Malware Removal Forum

Welcome to MalwareRemoval.com,What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

1 - The Problem:Whenever I open the folder: C: \ Documents and Settings \ x4NG3L.X4NG3L-DE17A6A0Appears a message suspicion that I had never seen before in my life.A Message pops up, the simple fact of opening the folder:This is my folder of User. Other folders in the system, eg"All Users" or "Default User.WINDOWS" for example, nothing unusual happens.

Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\ARQUIV~1\GbPlugin\GbpSv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Arquivos de programas\Microsoft IntelliType Pro\type32.exeC:\Arquivos de programas\Unlocker\UnlockerAssistant.exeC:\ARQUIV~1\AVG\AVG8\avgtray.exeC:\WINDOWS\system32\ctfmon.exeC:\Arquivos de programas\MSN Messenger\MsnMsgr.ExeC:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\ARQUIV~1\AVG\AVG8\avgwdsvc.exeC:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Arquivos de programas\Sandboxie\SbieSvc.exeC:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\ccc.exeC:\WINDOWS\system32\svchost.exeC:\ARQUIV~1\AVG\AVG8\avgrsx.exeC:\ARQUIV~1\AVG\AVG8\avgnsx.exeC:\WINDOWS\system32\wuauclt.exeC:\Arquivos de programas\MSN Messenger\usnsvc.exeC:\Arquivos de programas\Mozilla Firefox\firefox.exeC:\Arquivos de programas\CCleaner\CCleaner.exeC:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our
Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.

Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\ARQUIV~1\GbPlugin\GbpSv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\ARQUIV~1\AVG\AVG8\avgwdsvc.exeC:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Arquivos de programas\Sandboxie\SbieSvc.exeC:\WINDOWS\system32\svchost.exeC:\Arquivos de programas\Microsoft IntelliType Pro\type32.exeC:\Arquivos de programas\Unlocker\UnlockerAssistant.exeC:\ARQUIV~1\AVG\AVG8\avgrsx.exeC:\ARQUIV~1\AVG\AVG8\avgtray.exeC:\ARQUIV~1\AVG\AVG8\avgnsx.exeC:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\System32\alg.exeC:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\ccc.exeC:\WINDOWS\system32\wuauclt.exeC:\Arquivos de programas\MSN Messenger\usnsvc.exeC:\Arquivos de programas\MSN Messenger\msnmsgr.exeC:\Arquivos de programas\Microsoft Visual Studio\VB98\vb6.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\system32\msdtc.exeC:\WINDOWS\system32\notepad.exeC:\Arquivos de programas\Winamp\winamp.exeC:\WINDOWS\system32\notepad.exeC:\Arquivos de programas\MSN Messenger\msnmsgr.exeC:\Arquivos de programas\Messenger\msmsgs.exeC:\Arquivos de programas\Mozilla Firefox\firefox.exeC:\WINDOWS\system32\notepad.exeC:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\RSIT.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\Arquivos de programas\Trend Micro\HijackThis\x4NG3L.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""C:\Arquivos de programas\mIRC\mirc.exe"="C:\Arquivos de programas\mIRC\mirc.exe:*:Enabled:mIRC""C:\Arquivos de programas\Emule\emule.exe"="C:\Arquivos de programas\Emule\emule.exe:*:Enabled:eMule""C:\Arquivos de programas\HTTP-Tunnel\HTTP-TunnelClient.exe"="C:\Arquivos de programas\HTTP-Tunnel\HTTP-TunnelClient.exe:*:Enabled:HTTP-Tunnel Client""C:\Bifrost\bifrost1.2.1\bifrost121\Bifrost.exe"="C:\Bifrost\bifrost1.2.1\bifrost121\Bifrost.exe:*:Enabled:Bifrost 1.2.1""C:\Arquivos de programas\MessengerDiscovery\MessengerDiscovery Live.exe"="C:\Arquivos de programas\MessengerDiscovery\MessengerDiscovery Live.exe:*:Disabled:MessengerDiscovery Live the Windows Live Messenger addon""C:\Bifrost\Bifrost.exe"="C:\Bifrost\Bifrost.exe:*:Enabled:Bifrost 1.2.1""C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Configurações locais\Temp\Rar$EX00.172\Charon.exe"="C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Configurações locais\Temp\Rar$EX00.172\Charon.exe:*:Enabled:Charon - A proxy checking / scanning program.""C:\Arquivos de programas\AVG\AVG8\avgupd.exe"="C:\Arquivos de programas\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe""C:\Arquivos de programas\AVG\AVG8\avgnsx.exe"="C:\Arquivos de programas\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe""C:\Arquivos de programas\CABALOnlineBR\launcher\update\ESTdnheadless.exe"="C:\Arquivos de programas\CABALOnlineBR\launcher\update\ESTdnheadless.exe:*:Enabled:EST! download engine""C:\Bifrost\bifrost1.2.1\bifrost1.2.1\bifrost121\Bifrost.exe"="C:\Bifrost\bifrost1.2.1\bifrost1.2.1\bifrost121\Bifrost.exe:*:Enabled:Bifrost 1.2.1""C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\Halloween.2\Halloween.2\Halloween.2.exe"="C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\Halloween.2\Halloween.2\Halloween.2.exe:*:Disabled:Halloween2 Slots""C:\Arquivos de programas\Valve\hl.exe"="C:\Arquivos de programas\Valve\hl.exe:*:Enabled:Half-Life Launcher""%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""C:\Arquivos de programas\MSN Messenger\msnmsgr.exe"="C:\Arquivos de programas\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1""C:\Arquivos de programas\MSN Messenger\livecall.exe"="C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)""C:\Arquivos de programas\Microsoft Visual Studio\VB98\VB6.EXE"="C:\Arquivos de programas\Microsoft Visual Studio\VB98\VB6.EXE:*:Enabled:Visual Basic""C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\A_Great_Wi2047322102007\Winsock Example Part 2 for PSC\server\Project1.exe"="C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\A_Great_Wi2047322102007\Winsock Example Part 2 for PSC\server\Project1.exe:*:Enabled:Project1""C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\RPGServer.exe"="C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\RPGServer.exe:*:Enabled:RPGServer""C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\RPG Server 04.exe"="C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\RPG Server 04.exe:*:Enabled:RPG Server 04"

Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\ARQUIV~1\GbPlugin\GbpSv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\ARQUIV~1\AVG\AVG8\avgwdsvc.exeC:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Arquivos de programas\Sandboxie\SbieSvc.exeC:\WINDOWS\system32\svchost.exeC:\Arquivos de programas\Microsoft IntelliType Pro\type32.exeC:\Arquivos de programas\Unlocker\UnlockerAssistant.exeC:\ARQUIV~1\AVG\AVG8\avgrsx.exeC:\ARQUIV~1\AVG\AVG8\avgtray.exeC:\ARQUIV~1\AVG\AVG8\avgnsx.exeC:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\System32\alg.exeC:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\ccc.exeC:\WINDOWS\system32\wuauclt.exeC:\Arquivos de programas\MSN Messenger\usnsvc.exeC:\Arquivos de programas\MSN Messenger\msnmsgr.exeC:\Arquivos de programas\Microsoft Visual Studio\VB98\vb6.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\system32\msdtc.exeC:\WINDOWS\system32\notepad.exeC:\Arquivos de programas\Winamp\winamp.exeC:\WINDOWS\system32\notepad.exeC:\Arquivos de programas\MSN Messenger\msnmsgr.exeC:\Arquivos de programas\Messenger\msmsgs.exeC:\Arquivos de programas\Mozilla Firefox\firefox.exeC:\WINDOWS\system32\notepad.exeC:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\RSIT.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\Arquivos de programas\Trend Micro\HijackThis\x4NG3L.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""C:\Arquivos de programas\mIRC\mirc.exe"="C:\Arquivos de programas\mIRC\mirc.exe:*:Enabled:mIRC""C:\Arquivos de programas\Emule\emule.exe"="C:\Arquivos de programas\Emule\emule.exe:*:Enabled:eMule""C:\Arquivos de programas\HTTP-Tunnel\HTTP-TunnelClient.exe"="C:\Arquivos de programas\HTTP-Tunnel\HTTP-TunnelClient.exe:*:Enabled:HTTP-Tunnel Client""C:\Bifrost\bifrost1.2.1\bifrost121\Bifrost.exe"="C:\Bifrost\bifrost1.2.1\bifrost121\Bifrost.exe:*:Enabled:Bifrost 1.2.1""C:\Arquivos de programas\MessengerDiscovery\MessengerDiscovery Live.exe"="C:\Arquivos de programas\MessengerDiscovery\MessengerDiscovery Live.exe:*:Disabled:MessengerDiscovery Live the Windows Live Messenger addon""C:\Bifrost\Bifrost.exe"="C:\Bifrost\Bifrost.exe:*:Enabled:Bifrost 1.2.1""C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Configurações locais\Temp\Rar$EX00.172\Charon.exe"="C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Configurações locais\Temp\Rar$EX00.172\Charon.exe:*:Enabled:Charon - A proxy checking / scanning program.""C:\Arquivos de programas\AVG\AVG8\avgupd.exe"="C:\Arquivos de programas\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe""C:\Arquivos de programas\AVG\AVG8\avgnsx.exe"="C:\Arquivos de programas\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe""C:\Arquivos de programas\CABALOnlineBR\launcher\update\ESTdnheadless.exe"="C:\Arquivos de programas\CABALOnlineBR\launcher\update\ESTdnheadless.exe:*:Enabled:EST! download engine""C:\Bifrost\bifrost1.2.1\bifrost1.2.1\bifrost121\Bifrost.exe"="C:\Bifrost\bifrost1.2.1\bifrost1.2.1\bifrost121\Bifrost.exe:*:Enabled:Bifrost 1.2.1""C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\Halloween.2\Halloween.2\Halloween.2.exe"="C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\Halloween.2\Halloween.2\Halloween.2.exe:*:Disabled:Halloween2 Slots""C:\Arquivos de programas\Valve\hl.exe"="C:\Arquivos de programas\Valve\hl.exe:*:Enabled:Half-Life Launcher""%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""C:\Arquivos de programas\MSN Messenger\msnmsgr.exe"="C:\Arquivos de programas\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1""C:\Arquivos de programas\MSN Messenger\livecall.exe"="C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)""C:\Arquivos de programas\Microsoft Visual Studio\VB98\VB6.EXE"="C:\Arquivos de programas\Microsoft Visual Studio\VB98\VB6.EXE:*:Enabled:Visual Basic""C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\A_Great_Wi2047322102007\Winsock Example Part 2 for PSC\server\Project1.exe"="C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\A_Great_Wi2047322102007\Winsock Example Part 2 for PSC\server\Project1.exe:*:Enabled:Project1""C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\RPGServer.exe"="C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\RPGServer.exe:*:Enabled:RPGServer""C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\RPG Server 04.exe"="C:\Documents and Settings\x4NG3L.X4NG3L-DE17A6A0\Desktop\RPG Server 04.exe:*:Enabled:RPG Server 04"

Menssagem: Your request can not be completed because the server can not be found or did not respond. It is possible that the server is experiencing technical difficulties, or may be you have to adjust their network settings.

Buttons: Try Again - Cancel

=============================

And your text is:

O mecanismo de banco de dados está iniciando as etapas de recuperação.=>The Mechanisms of the database is beginning stages of recovery

O mecanismo de banco de dados iniciou uma nova instância (0).=>The mechanism of the database started a new instance (0).

Who is online

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.